Threat Assessment:

Short Description: The Mafia Ransomware virus belongs to the ransomware family. It is able to encrypt the entire system and cause various kinds of damage to the affected machine.

Mafia Ransomware is a newly found file-encrypting malware that is categorized as part of the ransomware family. It locks important system files with an encryption algorithm called AES-256, which is recognized as the most popular file encryption algorithm. The sole motive of the hacker behind this threat is to cheat innocent users and profit from them. The threat silently intrudes into the targeted machine and locks the system's files for a period of time. It is able to lock any kind of file, such as images, audio, video and documents, with extensions such as .txt, .pst, .ppt, .pdf, .mts, .mp4, .mp3, .rtf, .doc, .docx and many more. After installation it encrypts the files on the entire system and adds its own extension to the end of each existing file name. It intrudes through various routes, such as bundles of free third-party programs, freeware programs, spam emails, email attachments, peer-to-peer file sharing, file attachments, downloads from pirate sites, visits to suspicious links, torrent files and other ways.

Once the Mafia Ransomware virus is installed on a machine, it starts performing various malicious activities inside it. After successful installation, it first disables the system's anti-virus and firewall security. It can also make various modifications to the machine, such as changing the system registry, default settings, DNS settings, control panel, task manager, remote server control and many others. The Mafia Ransomware virus leaves ransom notes on the system desktop that inform the user that the system's files have been affected. The note states that the problem can only be removed by obtaining the decryption keys. It asks for a huge amount of money to fix the fake problem and demands payment in Bitcoin. If the user is not able to pay this money within the given period of time, the hacker warns that the encrypted files will be deleted from the system completely. It can also steal the user's system files and share them with other people to earn extra profit. It cannot be easily removed from the affected machine.